diff --git a/.wg-easy/wg0.conf b/.wg-easy/wg0.conf new file mode 100644 index 0000000..73c5f2f --- /dev/null +++ b/.wg-easy/wg0.conf @@ -0,0 +1,9 @@ + +# Note: Do not edit this file directly. +# Your changes will be overwritten! + +# Server +[Interface] +PrivateKey = 8JtWwlHvx4ogphP601ABdvNFXbd1noCd+Sn9fg19jWA= +Address = 10.8.0.1/24 +ListenPort = 51820 \ No newline at end of file diff --git a/.wg-easy/wg0.json b/.wg-easy/wg0.json new file mode 100644 index 0000000..4175eef --- /dev/null +++ b/.wg-easy/wg0.json @@ -0,0 +1,8 @@ +{ + "server": { + "privateKey": "8JtWwlHvx4ogphP601ABdvNFXbd1noCd+Sn9fg19jWA=", + "publicKey": "065+jEZi4CMWbwSCrixByy3D+haZR2e+kjmxMq6h+EY=", + "address": "10.8.0.1" + }, + "clients": {} +} \ No newline at end of file diff --git a/README.md b/README.md index 33b99e3..5d79f80 100644 --- a/README.md +++ b/README.md @@ -1,36 +1,42 @@ # WireGuard Easy -## Usage +## Installation + +### 1. Install Docker +Make sure you have [Docker](https://docs.docker.com/get-docker/) installed. + +### 2. Configure ```bash -$ docker run \ - --name wg-easy \ - --env WG_HOST=192.168.1.2 \ - --mount type=bind,source="$(pwd)",target=/etc/wireguard \ - --cap-add=NET_ADMIN \ - --cap-add=SYS_MODULE \ - --sysctl="net.ipv4.conf.all.src_valid_mark=1" \ - --restart=unless-stopped \ - -p 51820:51820/udp \ - -p 51821:51821/tcp \ - weejewel/wg-easy +# Create a directory for the configuration files +$ mkdir ~/wg-easy +$ cd ~/wg-easy +$ curl https://raw.githubusercontent.com/WeeJeWel/wg-easy/master/docker-compose.yml +$ open docker-compose.yml ``` -The Web UI will be available on `http://0.0.0.0:51821`. By default, it doesn't require a password. +Then change `WG_HOST=raspberrypi.local` to your server's public address, e.g. `WG_HOST=vpn.mydomain.com`. -> Configuration files will be stored in `~/.wg-easy/` on your host. +Optionally, set a Web UI password by uncommenting `PASSWORD=foobar123` and change the password. +### 3. Run + +```bash +$ docker compose up +``` + +The Web UI will be available on `http://0.0.0.0:51821`. You can create new clients there. ## Options -Set options by appending them to the `docker run` command. For example, add `--env PASSWORD=foobar123` to set a password. +These options can be configured in `docker-compose.yml` under `environment`. | Env | Default | Example | Description | | - | - | - | - | +| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. | | `WG_HOST` | - | `vpn.myserver.com` | The public hostname of your VPN server | | `WG_PORT` | `51820` | `51820` | The public UDP port of your VPN server | -| `PASSWORD` | - | `foobar123` | When set, requires a password when logging in to the Web UI. | | `WG_DEFAULT_ADDRESS` | `10.8.0.x` | `10.6.0.x` | Clients IP address range | | `WG_DEFAULT_DNS` | `1.1.1.1` | `8.8.8.8, 8.8.4.4` | DNS server clients will use | -> If you change `WG_PORT`, make sure to also change the exposed port in the `docker run` command. \ No newline at end of file +> If you change `WG_PORT`, make sure to also change the exposed port. \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..c84853e --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,26 @@ +version: "3.8" +services: + wg-easy: + image: weejewel/wg-easy + container_name: wg-easy + volumes: + - .wg-easy:/etc/wireguard + ports: + - "51820:51820/udp" + - "51821:51821/tcp" + restart: unless-stopped + environment: + # ⚠️ Required: + # Change this to your host's public address + - WG_HOST=raspberrypi.local + + # Optional: + # - PASSWORD=foobar123 + # - WG_PORT=51820 + # - WG_DEFAULT_ADDRESS=10.8.0.x + # - WG_DEFAULT_DNS=1.1.1.1 + cap_add: + - NET_ADMIN + - SYS_MODULE + sysctls: + - net.ipv4.conf.all.src_valid_mark=1 \ No newline at end of file